Category: Hacker

Michael “MafiaBoy” Calce was just 15 years old. During his Exploit days, prior to being arrested, he had taken down the websites of some of the largest companies in the world, causing an estimated $1.7 billion in losses. He realized the depth of what he had done, after watching a news program where then President Clinton spoke about what “Mafiaboy” had done.

This video: “Rivolta: Inside the Mind of Canada’s Most Notorious Hacker” was produced by HP Canada. “Rivolta” was directed by Hubert Davis.

In one way this young person was extremely curious and yet his educators did not pick-up on that, so he sought out info elsewhere. In one part of the video, Michael Calce talked about taking a computer programming class in Pascal, but showed his instructor that he could code the course examples in far more powerful and complex “C Language“.

How many other genius kids who have the inner desire to learn, are also being missed by their Educators? Yes, this video is about the Exploits of a 15-year-old“Elite” Hacker, but it is also about an Educational System which in my opinion failed this young lad.

Over 60 million email addresses and passwords were hacked from Dropbox years ago. That data is floating around the folks on DarkNet. It is older and apparently not being marketed, yet some hacker have it. Even though the breach happened years back, the data still has value. People often rarely change their password. Similar Mega Breach data from prior breaches at LinkdIn and Tumblr, was being bought, sold and traded on DarkNet markets.

Click on this Link to visit Troy Hunt’s site. He was sent the hacked data from a supporter of “Have I Been Pwned?” site. Troy then found his own account data and also his wife’s account data and proceeded to confirm that the Dropbox Mega-Breach was real.

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice.

When we think about surfing the Internet, most people are looking at just the top of the network iceberg. When in fact, the web actually holds a “Deep Web,” hidden from everyday users and ordinary browsers. This is due to the Deep Web continuously encrypting …

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice.

The Department of Defense announced today that it will invite vetted hackers to test the department’s cybersecurity under a unique pilot program. The “Hack the Pentagon” initiative is the first cyber bug bounty program in the history of the federal government.

Under the pilot program, the department will use commercial sector crowdsourcing to allow qualified participants to conduct vulnerability identification and analysis on the department’s public webpages. The bug bounty program is modeled after similar competitions conducted by some of the nation’s biggest companies to improve the security and delivery of networks, products, and digital services. The pilot marks the first in a series of programs designed to test and find vulnerabilities in the department’s applications, websites, and networks.

Participants in the bug bounty will be required to register and submit to a background check prior to any involvement with the pilot program. Once vetted, these hackers will participate in a controlled, limited duration program that will allow them to identify vulnerabilities on a predetermined department system. Other networks, including the department’s critical, mission-facing systems will not be part of the bug bounty pilot program. Participants in the competition could be eligible for monetary awards and other recognition.

This innovative project is a demonstration of Secretary Carter’s continued commitment to drive the Pentagon to identify new ways to improve the department’s security measures as our interests in cyberspace evolve.

“I am always challenging our people to think outside the five-sided box that is the Pentagon,” said Secretary of Defense Ash Carter. “Inviting responsible hackers to test our cybersecurity certainly meets that test. I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.”

The “Hack the Pentagon” initiative is being led by the department’s Defense Digital Service (DDS), launched by Secretary Carter last November. The DDS, an arm of the White House’s dynamic cadre of technology experts at the U.S. Digital Service, includes a small team of engineers and data experts meant to improve the department’s technological agility.

“Bringing in the best talent, technology and processes from the private sector not only helps us deliver comprehensive, more secure solutions to the DoD, but it also helps us better protect our country,” said DDS Director and technology entrepreneur Chris Lynch.

This initiative is consistent with the administration’s Cyber National Action Plan announced on Feb. 9, which prioritizes near-term actions to improve our cyber defences and codifies a long-term strategy to enhance cybersecurity across the U.S. government.

The pilot program will launch in April and the department will provide more details on requirements for participation and other ground rules in the coming weeks.

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice. Any offers mentioned in this post are also subject to change without notice.

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. Many moons ago I had worked with someone named “Wang Wei”, not sure if it was the same person as the author of The Hackers News post

Chinese authorities had arrested a number of individuals and shut down the WireLurker Command and Control Server just ten days after Palo Alto Networks released their findings.

Last weekend we focused on Cybersecurity issues. Many visitors to this site may not be fully versed in Cybersecurity issues. In that vein, I wanted to let you all know that Palo Alto Networks is allowing the legal download of Cybersecurity for Dummies. It discuss APTs (Advanced Persistent Threats) to the Enterprise Network. Old solutions no longer work. A layered approach of new solution is detailed.

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice. Any offers mentioned in this post are also subject to change without notice.

Suits and Spooks Events are a bit like TED Talks, but focused on Cyber Security issues. From the Suites and Spooks webpage: “Each event draws thought leaders and decision makers from the public, private, defense, law enforcement and intelligence sectors who come to learn about and discuss some of the key security challenges which face our digitally connected nation and world“One unique aspect of the presentations made at Suits and Spooks is that after the first 10 minutes, the Audience can join in by asking questions or directly challenging the presenter. Audience participation resulting in Debate and Discussion is the cornerstone of these events.

The next Suits and Spooks Event will be held in London England on May 6th and 7th 2015.

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice. Any offers mentioned in this post are also subject to change without notice.

Kaspersky Lab Experts referred to the Equation group as the “God” or the “Death Star” of Malware. Part of the huge arsenal of code which the Equation group has been developing over what looks like decades is “nls_933w.dll“. “It allows them to reprogram the hard drive firmware of over a dozen different hard drive brands“.

Once “nls_933w.dll“ installs the Malware into the Hard Disk’s firmware, there is no way to remove it. Repartitioning will not affect it. Reformatting has no effect. The only way to get rid of this Malware from the targeted computer, is to physically destroy the Hard Disk.

Kaspersky Lab goes on to report that the Equation group seems to have existed long before the Stuxnet group.

The word “Elite” is part of the lexicon of Hackers. The Equation group therefore can be called the Elite of the Elite of the Elite of the Elite of the Elite and so on of Uber Hackers. To be able to hack and modify a Hard Drive’s firmware is unheard of. To be able to do so for Hard Drives of over a dozen different brands is insanely impossible. Yet the Equation group did it and very likely much more, that has yet to come to light. In comparison, this makes things likethe REGIN Malware group’s incredible capabilities seem like no big deal.

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice.

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice.

This is a further update to our prior post about the breaking news of a major Cyber Bank Heist.
The amount supposedly stolen from assorted banks around the globe is now being published to be around $1 Billion Dollars.

I have had many arguments about security software. One group especially got me going because to them Norton Security was the end all and be all. I finally got their so-called Tech to admit that to him Norton Security was the best because it had the largest market share. That’s like saying that GM automobiles are better than Rolls Royce automobiles because GM has a larger market share.

The report on what Kasperky Lab had determined about the Cyber Bank Heist will be made public on Monday Feb 16.

Supposedly ATMs were instructed by the Hackers to dispense money at specific times.

Account balances were supposedly inflated and then the inflated amounts were transferred to Bank Accounts setup by the Hackers.

In the New York Times article it seems that Kaspersky Lab had supposedly seen evidence of hundreds of millions of dollars in supposed theft. The article implied that the Cyber Security Experts at Kaspersky Lab think that the sums stolen could possibly be multiple times more.

I will keep watching for the official Kaspersky Lab report on Monday. Till then you can learn more about this by visiting some of the links below.

I will continue to post about this as more is learned – most likely when that Kaspersky Lab report is released on Monday Feb 16 2015.

Posted by: Vincent Banial

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice.

Staying informed can help keep you and your Apple IOS and OSX gear from falling victim to such attacks.

Posted by: Vincent Banial

Disclaimer: Any Trademarks mentioned in this post are owned by the respective Trademark owner. There could be unintentional errors or omissions in this post. Always refer to the official sites to confirm details and any ongoing changes or updates. This post is subject to change without notice.

Copyright

If a specific photo is not our own, we will include a Photo Credit just below the photograph in the Caption area. Any such photos are either in the Public Domain, carry a Creative Commons license for Free use or are used with permission granted by said Copyright Holder.

Videos are linked to only when the originating Video site permits us to do so. The vast majority of linked to videos found on this site are courtesy of YouTube and assorted YouTube Channels.

Affiliations & Disclaimer

Uniquely Toronto and this blogsite are not affiliated with the City of Toronto, in any way.

The City of Toronto does "not" sponsor or endorse the Uniquely Toronto blog, or the Photos and Blog Posts found here.

****************
DISCLAIMER:
****************
All the articles on this site are for entertainment, educational and commentary purposes only, and as such are protected by Laws governing Free Speech. They are not intended to provide, nor replace, medical, health, legal, financial or other professional advice. Each person visiting our site must do their own Due Diligence and always speak with their own Licensed Medical and or Licensed Financial Professional.

In 2017 I have started to post about Medical Cannabis. FDA Disclaimer: The statements on this site have not been evaluated by the US FDA and are not intended to diagnose, treat, cure or prevent any disease.

Your Licensed Medical Doctor must be consulted before
starting any form of treatment.

The information which is posted on the Uniquely Toronto blog should NEVER be considered as being professional medical advice. Vincent Banial is not a Licensed Medical Doctor. As was mentioned earlier in this Disclaimer, all the articles on this site are for entertainment, educational and commentary purposes only.

Anything posted on this Blog is subject to change without notice. I report on events over which I have no control. Stuff happens and things are always subject to change without notice (like life itself).

No endorsement of products and services found in our photos or mentioned in our blog posts is either expressed or implied.

Blog posts may contain unintentional errors and or omissions. Please inform me of any errors that you may find on the blog. Our email address is at the top of the blog.

All posts are for entertainment, educational and commentary purposes only, and as such are protected by Laws governing Free Speech.

Trademarks

Product names, brands, logos and any other trademarks found in our Photos or referred to within our Blog posts, are the property of their respective trademark holders. Any Trademarks found and are not used here for commercial purposes. The trademark owners are not affiliated with Vincent Banial, or the Uniquely Toronto blog, or the Uniquely Tech blog, or the Unique F-Stop blog, or the CLiK CLiK Vic photo site. The trademark owners do "not" sponsor or endorse our Photos or Blog Posts

Published under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0 license

The licensor cannot revoke these freedoms as long as you follow the license terms.

Under the following terms:

Attribution — You must give appropriate credit to Vincent Banial, provide a link back to https://uniquelytoronto.wordpress.com, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.

NonCommercial — You may not use the material for commercial purposes.

NoDerivatives — If you remix, transform, or build upon the material, you may not distribute the modified material.

No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.

Notices:

You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation.

No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.